Home » New Research Finds Half of SOCs are Ineffective

Access ManagementCyber Security NewsSecurity Leadership and ManagementSecurity & Business ResilienceCyberIdentity ManagementPhysical SecuritySecurity NewswireTop Guard and Security Officer CompaniesVideo Surveillance

New Research Finds Half of SOCs are Ineffective

January 22, 2020

No Comments

New survey data suggests that a new way of looking at SOC management is overdue.

The Respond Software and Ponemon Institute study says that the SOC is critical to working and performing in today’s digitized economy as a greater share of business operations and sensitive data is brought online, with 73 percent of respondents viewing their SOCs as crucial elements of their cybersecurity strategies.

The cost that organizations spend on their SOCs reflect this importance, as the research revealed that organizations spend on average $2.86 million annually on their in-house SOCs. Significantly, the cost balloons to $4.44 million annually if organizations outsource to a managed security service provider (MSSP), neutralizing any cost savings from outsourcing.

Despite that substantial investment, almost half (49 percent) of survey respondents are dissatisfied with the effectiveness of their SOC in detecting attacks. Of those who turned to a managed security service provider (MSSP), 58 percent rated their MSSP as ineffective.

Part of this dissatisfaction, it says, stems from the high cost of MSSPs; often twice the cost of staffing and managing a SOC in-house. A majority of the respondents (63 percent) are looking for a way out, including reviewing new vendors or bringing the SOC function in-house.

The research also uncovered challenges with running an in-house SOC as well. Those organizations that run their SOCs internally struggle with significant staff burnout and turnover. Seventy percent of respondents agreed that their SOC analysts burn out quickly because of the high-pressure environment and workload, with information overload and chasing too many alerts as the main stressors.

Larry Ponemon, chairman and founder, Ponemon Institute, said: “This study highlighted many of the challenges and perceptions regarding company SOCs, including the substantial impact and cost of personnel for in-house SOCs. Many organizations thus turn to outsourcing, but 58 percent find their MSSPs to be either ineffective or only moderately effective. This creates a conundrum that suggests a third-way solution is necessary.”

The full report is available for download here.

I want to hear from you. Tell me how we can improve.

BNP Media Owner & Co-CEO, Tagg Henderson

You must login or register in order to post a comment.

In this webinar, we’ll share quantitative, real-world pay and bill rate data from hundreds of security firms across the U.S. to identify common trends. We’ll review how companies price their services based on location, type of post, and the size of the firm.

With the coronavirus pandemic adding to an evolving set of risks to already challenged security operations and budgets, reducing enterprise risk is more complex than ever.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2020 March

This month in Security magazine: Mike Matranga has been labeled brash, tough, outspoken, emotional and controversial. But when it comes to school security, he doesn’t care what people think of him. He is 100 percent undeterred by anyone who may question his methods when it comes to keeping schools and students safe at Texas City ISD.

View More Create Account

New Research Finds Half of SOCs are Ineffective

Related Articles

Report Abusive Comment